Server 2003

Building a Windows Server 2003 Standard Edition

Windows Server 2003 Standard Edition is quite a common platform in schools not least because it has a lower price tag than the Enterprise Edition.  This article shows a step-by-step routine for installing this popular system in your school.  I've included some vm specifications that might suit your environment.

---

Virtual Hardware

Choose "Server 2003 Standard" as the version.  Use an 8GB hard drive.  Keep 384MB of ram.  Remove the floppy drive and audio card.  Configure the NIC for your own network.

 

Configurations

• Hostname: 2003s-01
• Domain Name:  No domain used initially

 

Partioning

Use the entire disk (8gb)

 

Passwords and other Naming Conventions

When naming machines using Linux always use lower-case.  In addition there are other components to consider when thinking of a naming convention and so here are some other helpers...

Serial number:	xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
Licencing Mode:	Per Device or Per User
Admin password:	xxxxxxx
itexpert password:	xxxxxxx

 

Networking

Use DHCP (the default) and keep in a WORKGROUP for now.

 

Log on

Log on to the new machine as administrator and install vmware tools without shared folders. Synchronize the clocks.

 

CD ROM

Configure the VM to not connect to the CD ROM on boot up.

 

First Snap-Shot (virtual environments)

Create the first snap-shot and call it Clean-Build.  Add notes to the snap-shot describing how we got here!

 

Updates

Download all updates and service packs.  If you need service pack 2 it does take quite a long time to download and install.

 

Second Snap-Shot (virtual environments)

Create the second snap-shot and call it Updates.  As usual add notes.

 

Sysprep

If you want to use the vm as a template, now's the time to sysprep and make a template of it.
Sysprep.exe -reseal -quiet -mini

 

Disable Administrator

Create a new admin account and disable the old one:
Adm1nistrator:  xxxxxxx

 

Create a Domain Controller

Static IP address of 192.168.1.254 subnet 255.255.255.0
gateway 192.168.1.1 dns 192.168.1.1, create a snapshot!
Rename the server YourServerName
Create a domain controller using the wizard
Restore Mode Password:  xxxxxxx
This step requires the cd for Server 2003 (not the Service Pack 2 disk!)

 

File server

Define the file server role using the wizard.  Create a new 30GB hard drive (Z: drive, Data).  Setup 200MB default quota, denying space exceeders.  Create the shares that are needed:

Home

HomeStaff$	/Home/Staff/
HomeStudents$	/Home/Students
HomeITSupport$	/Home/ITSupport

 

Profiles

ProfilesStaff$	/Profiles/Staff
ProfilesStudents$	/Profiles/Students

 

Multiusers

Staff$	/Multiusers/Staff
Students$	/Multiusers/Students
ITSupport$	/Multiusers/ITSupport

 

Set up the shares with appropriate permissions

• HomeITSupport$: ITSupport have full “Share” permissions. Security tab can be left with default settings.
• HomeStaff$: ITSupport and Staff have full “Share” permissions. Security tab can be left with default settings.
• HomeStudents$: ITSupport and Students have full “Share” permissions. Security tab can be left with default settings.
• ProfileStaff$: Staff have full “Share” permissions. Security tab can be left with default settings.
• ProfileStudents$: Students have full “Share” permissions. Security tab can be left with default settings.
• MultiUsers/Staff: ITSupport and Staff have full “Share” permissions. All other groups are removed using the Security tab, and ITSupport and Staff have Full Control.

 

Users and Computers

Using Active Directory setup the OU structure as follows.

SiteName > Users > Students, Staff and ITSupport

SiteName > Computers > Classroom and Office

 

Groups

Staff, Students, ITSupport.  In AD right-click on sitename.local and “Raise Domain Functional Level.  Make ITSupport a member of Enterprise Admins and Domain Admins.

 

Group Policy Management Console

1. Download and install the Group Policy Management Console with Service Pack 1.
2. Default Domain Policy:
   Change Maximum Password Age to 365 days
   Change Minimum Password Length to 6
   Disable Complex Passwords

 

Volume Shadow Service

This is the service that enables Previous Versions.

Create a new 8GB hard drive V:/.  Then right-click on Z:/ drive and choose Shadow Copies, Settings.  Set the Z:/ drive to use V:/ drive for it's shadow copy.  Limit size to 7000MB.  Configure the schedule to happen 06.00 and 12.00 every day.

 

Users and templates

1. Create a “Default User” profile for XP users
2. Steven – Member of NetworkAdmins, network home directory
3. Teacher-01 – Member of Staff group, network profile, network home directory
4. Student-01 – Member of the Students group, network profile, network home directory
5. NetworkAdmin-01 – Member of the NetworkAdmins group, network home directory.

 

Sysvol files

Print.vbs and various login scripts.

 

Remote Access

If you require remote access now is the time to set this up.

Install Logmein for this server.  Enable RDP for the NetworkAdmins group.  Install VNC viewer on the server in order to access the Linux host and any other machine that may be required.

 

Automatic Updates

Turn off the automatic updates feature.  With servers it is generally considered good practice to apply updates yourself, then you will be in more control of the state of your servers.

 

Thanks for visiting.